Krebs had a story in MIT's Technology Review on BLADE in which he recounted the overwhelming success of BLADE in stopping such downloads. The problem with it is false positives, not a surprising problem for an approach with so few false negatives. He cites two experts, including Eric Howes of Sunbelt Software, expressing concerns. But no specific examples are provided.

Perhaps the more interesting story is dealt with by Krebs in his blog where he analyzes the drive-by download tests used by SRI. BLADE is a software sandbox which allows client-side exploits to proceed, but blocks the installation of software by them. This means SRI was able to collect a lot of data about those exploits. The results are at once shocking and supportive of some other claims I've seen recently.

More than half of the attacks observed by SRI were against Adobe Acrobat/Reader. Almost a quarter were against Java. Fewer than I expected targeted Flash. Of the browser attacks, the overwhelming majority (unsurprisingly) targeted various versions of Internet Explorer, and about half of the total targeted IE6. Anti-virus was notably unsuccessful at blocking these attacks. No data was provided on the operating systems used, which is a bit disappointing.

About the Author

Larry Seltzer has been writing software for and English about computers ever since, much to his own amazement, he graduated from the University of Pennsylvania in 1983.
He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find
